Why don't browsers send whether they have javascript enabled/disabled in the request header?

Question

It just seems like something that would be really useful when developing server-side code. If you know that the browser won't be using javascript from the server-side, you could easily accommodate the user. Or if you just felt like it, redirect them to a page that says 'hey... we need you to use javascript for our application' etc.

Does anyone know why this is?

Answer 1

One way I use is to have a landing page/login page. When the user presses the logon button then use javascript to submit the results or update a hidden field before posting the logon. If javascript is disabled then the javascript will not work and therefore you can assume they have it turned off.

Answer 2

As handy as it would be to have your server be aware of your browser's Javascript capability before page rendering began, I can see a strange edge case such as:

// hide malicious code from people without javascript
if ($header['javascript'] == 'false') {
    show_regular_safe_website();
} else {
    use_some_nasty_javascript_exploit();
}

Answer 3

I suppose the Accept field could be used to such a purpose, like "Accept: text/javascript". But since it's proprietary the IETF would never include it in any standards and widespread adaptation is therefore unlikely. Web-developers has coped so far.

Answer 4

The real reason is that when Netscape came out with JavaScript, they never thought to make the information available in the HTTP headers. Instead they created the <noscript> tag.

Answer 5

See the <noscript> tag, here.

I know it's probably not ideal (I don't have enough experience with it to pick it apart) but it certainly gives us enough flexibility to degrade somewhat gracefully.